On Monday, October 17, 2011 at 2:41 PM, Gerd Wagner wrote: > > > > * It would be good if Browsers would continue supporting "eval" (apparently, FF does, by default, no longer support it) . We are using eval for supporting programming game features (see http://en.wikipedia.org/wiki/Programming_game). (http://en.wikipedia.org/wiki/Programming_game) > > What's the game-specific use case? And why are other methods not sufficient (e.g., common.js require)? > > Our use cases are not related to module handling. We have sims/games > where the user/player can enter her own code for expressions and > functions at run time. Ok, but you see the security/privacy issue there right? > This is like in "programming games", but we want > to use this also for educational purposes in "serious" games. That's all the more reason to not allow raw code execution. You will need some kind of safe meta-language… maybe using processing.js? (i.e., is there a use case for the game to read the cookies of a user, insert scripts, change the DOM, etc.)…. I haven't checked if processing.js is safe or not; I'm just using it as an example.Received on Monday, 17 October 2011 13:25:45 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:50:27 UTC